The network demonstration of knowledge of the secret passage by 40 coin flips appears unnecessarily complicated.
Why not simply send Mick down the left path and show him returning from the right? That directly demonstrates Mick knows a passage from left to right (at least to all observers at the fork. home viewers still worry about video editing).
if you just sent Mick down the left path and he came out the right, then a video would conclusively show he knew the password.
And this is why "How to explain zero-knowledge protocols to your children" is probably the worst way to explain zero-knowledge protocols to anyone. Its not explaining what a zero-knowledge proof is or how it works. It's explaining what a simulator is when proving a protocol is zero-knowledge . Oh, and the explanation only works for interactive protocols.
A simple and surprising limitation of Monero and any other decoy-based approach is that if you repeatedly withdraw money from one exchange and then deposit it to another, those transactions are not private (edit: even if we ignore payment value). This is a form of Eve-Alice-Eve attack.
Monero uses decoy transactions to obscure the transaction history on-chain, but it does not remove the history. There's a reason every other major privacy protocol (Zcash, Tornado Cash, Railgun, Aleo, Penumbra, etc.) does not use Monero's decoy-based approach, and even the Monero developers are moving to the standard zero-knowledge proof over an accumulator (IIRC a merkle tree like everyone else) based approach that they call Full Chain Anonymity Proofs.
As a meta-comment, this is one of a genre of Monero "privacy" analysis documents that are circulated as a way to claim there are no known actively used exploits. This is little better than the classic "my scheme is secure; here's a bounty for anyone who breaks it" form of cryptographic analysis we often see with flawed encryption schemes. Breaks will not always be public.